An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9026
Reference (s):
- https://github.com/TeamSeri0us/pocs/tree/master/matio
- https://github.com/tbeu/matio/issues/103